Описание
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2.10.0-0ubuntu2 |
| hardy | ignored | end of life |
| lucid | released | 1:2.6.6-1ubuntu4.4 |
| maverick | released | 1:2.7.3-1ubuntu3.3 |
| natty | released | 1:2.7.11-1ubuntu2.1 |
| oneiric | not-affected | 1:2.10.0-0ubuntu2 |
| upstream | released | 2.10.0-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol ...
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.
EPSS
4.3 Medium
CVSS2